<?php
/**
 * 可以处理所有的跨域请求包括 credentials 类型（带cookie的）
 *
 * Created by PhpStorm.
 * User: zjx
 * Date: 2016/9/12
 * Time: 11:06
 */

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class Cors
{
    public function handle(Request $request, Closure $next)
    {
        $allow_origin = $request->header('Origin');

        return $next($request)
            ->header('Access-Control-Allow-Origin', $allow_origin)
            ->header('Access-Control-Allow-Credentials', 'true')
            ->header('Access-Control-Allow-Methods', 'GET, PUT, POST, DELETE, OPTIONS')
            ->header('Access-Control-Allow-Headers', 'Content-Type, X-Auth-Token, Origin, Authorization, Accept, Application, X-Requested-With')
        ;
    }


}